Recently, there is a growing interest in the research
community to employ tamper-resistant processors for software protection. Many of these proposed systems rely on a specially
tailored secure processor to prevent 1) illegal software
duplication, 2) unauthorized software modification, and 3)
unauthorized software reverse engineering. Most of these works
primarily focus on the feasibility demonstration and design
details rather than trying to elucidate many fundamental issues
that are either ``elusive'' or ``confusing'' to the architecture
researchers. Furthermore, many proposed systems have been built on
assumptions whose security implications have not been well studied
or understood. Instead of proposing yet another new secure
architecture model, in this paper, we will try to answer some of
these fundamental questions with respect to using hardware-based
cryptography for protecting software execution. Those issues
include, 1) Is hardware cryptography necessary? 2) Is per-process
single cryptography key enough to provide the flexibility,
inter-operability, and compatibility required by today's complex
software system? 3) Is OTP (one-time-pad) in combination with
``lazy" authentication secure enough to protect software
confidentiality? 4) Is there way to protect software integrity
using less hardware resource? Finally, the paper defines the
difference between off-line and on-line attacks and presents a
very low overhead security enhancement technique that can improve
protection on software integrity over on-line attacks by several
magnitudes.